Vuldb Updates

A vulnerability was found in Linux Kernel up to 6.10.4. It has been declared as critical. This vulnerability affects the function event_release. Executing manipulation can lead to use after free. This vulnerability is handled as CVE-2024-43891. The attack can only be done within the local network. There is not any exploit available. It is recommended to upgrade the affected component.

A vulnerability labeled as problematic has been found in Linux Kernel up to 6.6.45/6.10.4. Affected by this issue is the function idr_alloc of the component memcg. Executing manipulation can lead to allocation of resources. This vulnerability is tracked as CVE-2024-43892. The attack is only possible within the local network. No exploit exists. The affected component should be upgraded.

A vulnerability was found in Linux Kernel up to 5.10.223/5.15.164/6.1.104/6.6.45/6.10.4 and classified as critical. Affected by this issue is the function padata_mt_helper of the file padata.c. Such manipulation leads to divide by zero. This vulnerability is traded as CVE-2024-43889. Access to the local network is required for this attack to succeed. There is no exploit available. It is suggested to upgrade the affected component.

A vulnerability has been found in Linux Kernel up to 6.10.4 and classified as critical. Affected by this vulnerability is the function mem_cgroup_from_slab_obj of the component list_lru. This manipulation causes use after free. This vulnerability appears as CVE-2024-43888. The attacker needs to be present on the local network. There is no available exploit. The affected component should be upgraded.

A vulnerability has been found in Linux Kernel up to 6.10.4 and classified as problematic. This affects the function static_key_fast_inc_not_disabled of the component TCP Handler. The manipulation leads to information disclosure. This vulnerability is traded as CVE-2024-43887. Access to the local network is required for this attack to succeed. There is no exploit available. The affected component should be upgraded.

A vulnerability identified as critical has been detected in Linux Kernel up to 6.14.10/6.15.1. Affected is the function binderfs_evict_inode of the component binder. Performing manipulation results in use after free. This vulnerability is identified as CVE-2025-38176. The attack can only be performed from the local network. There is not any exploit available. You should upgrade the affected component.

A vulnerability labeled as critical has been found in Linux Kernel up to 6.14.10/6.15.1. Affected by this vulnerability is the function binder_free_proc of the component binder. Executing manipulation can lead to use after free. This vulnerability is tracked as CVE-2025-38175. The attack is only possible within the local network. No exploit exists. The affected component should be upgraded.

A vulnerability identified as critical has been detected in Linux Kernel up to 6.10.4. Affected by this vulnerability is the function resource_log_pipe_topology_update of the component AMD Display. Performing manipulation results in null pointer dereference. This vulnerability is identified as CVE-2024-43886. The attack can only be performed from the local network. There is not any exploit available. You should upgrade the affected component.

Further investigation has shown that this issues is a false-positive. Please review the sources mentioned and consider not using this entry at all.

A vulnerability categorized as critical has been discovered in Linux Kernel up to 6.15.1. This impacts the function tb_cfg_request_dequeue of the component thunderbolt. Such manipulation leads to denial of service. This vulnerability is referenced as CVE-2025-38174. The attack needs to be initiated within the local network. No exploit is available. It is advisable to upgrade the affected component.

A vulnerability categorized as critical has been discovered in Linux Kernel up to 6.16-rc5. This vulnerability affects the function tipc_conn_close of the component tipc. Such manipulation leads to use after free. This vulnerability is listed as CVE-2025-38464. The attack must be carried out from within the local network. There is no available exploit. It is advisable to upgrade the affected component.

A vulnerability, which was classified as problematic, was found in Linux Kernel up to 6.6.98/6.12.38/6.15.6/6.16-rc5. Affected by this vulnerability is the function tcp_bound_to_half_wnd of the component tcp. Executing manipulation of the argument involved can lead to allocation of resources. This vulnerability is handled as CVE-2025-38463. The attack can only be done within the local network. There is not any exploit available. You should upgrade the affected component.

A vulnerability labeled as critical has been found in Linux Kernel up to 6.16-rc5. This affects the function vsock_find_cid. The manipulation results in null pointer dereference. This vulnerability is cataloged as CVE-2025-38462. The attack must originate from the local network. There is no exploit available. The affected component should be upgraded.

A vulnerability was found in Linux Kernel up to 6.16-rc5. It has been rated as critical. Impacted is the function vsock_use_local_transport. Performing manipulation results in memory corruption. This vulnerability is identified as CVE-2025-38461. The attack can only be performed from the local network. There is not any exploit available. Upgrading the affected component is advised.

A vulnerability, which was classified as critical, has been found in Linux Kernel up to 6.16-rc5. Affected is the function to_atmarpd of the component atm. Performing manipulation results in null pointer dereference. This vulnerability is known as CVE-2025-38460. Access to the local network is required for this attack. No exploit is available. It is advisable to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.16-rc5 and classified as critical. Affected is the function vcc_sendmsg of the component atm. Executing manipulation can lead to null pointer dereference. The identification of this vulnerability is CVE-2025-38458. The attack needs to be done within the local network. There is no exploit available. It is suggested to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.16-rc5. It has been classified as critical. Affected by this vulnerability is the function clip_push of the component atm. The manipulation leads to uncontrolled recursion. This vulnerability is referenced as CVE-2025-38459. The attack needs to be initiated within the local network. No exploit is available. Upgrading the affected component is recommended.

A vulnerability was found in Linux Kernel up to 6.16-rc5. It has been rated as problematic. This affects the function qdisc_tree_reduce_backlog. This manipulation causes privilege escalation. This vulnerability is tracked as CVE-2025-38457. The attack is only possible within the local network. No exploit exists. Upgrading the affected component is advised.

A vulnerability was found in Linux Kernel up to 6.12.38/6.15.6/6.16-rc5. It has been classified as critical. This vulnerability affects the function snd_card_ad1816a_pnp of the component ALSA. This manipulation causes null pointer dereference. The identification of this vulnerability is CVE-2025-38454. The attack needs to be done within the local network. There is no exploit available. Upgrading the affected component is recommended.

A vulnerability was found in Linux Kernel up to 6.1.145/6.6.98/6.12.38/6.15.6/6.16-rc5. It has been declared as critical. Affected by this issue is the function kvm_vm_ioctl_create_vcpu. The manipulation results in memory corruption. This vulnerability is identified as CVE-2025-38455. The attack can only be performed from the local network. There is not any exploit available. It is recommended to upgrade the affected component.